How to Connect your vSphere Client Externally
I had a situation today where I had to connect my VMware vSphere client over the internet directly to one of my ESXi hosts to gain remote access to a new bank of VM’s and thought I’d post here how to do it. I couldn’t find an article exactly outlining the procedure, so here’s mine…
There’s some definite disadvantages to directly connecting like this, but it certainly helped solve my issue. My home internet connection isn’t allowing my VPN to come up and the new VM’s I built do not have remote access turned on which means no RDP connectivity. The icing on the cake is there’s no server or workstation on the current LAN which I can connect to that will let me install the vSphere client.
The solution!?!? Externally connecting my vSphere client directly to my host, opening VM console sessions from the vSphere client and turning on remote access from there. There wasn’t much info on this on the interwebs so here’s my quick fix solution for those times when you need to do the same…
I’m going to assume you already have your vSphere client installed on your local PC, so let’s skip everything required there. So first up you’ll want to configrue your firewall. You’ll need two ports here, ports 443 and 902. Official documentation says 903 as well, but I haven’t found a need for that port yet.
All that was required on my firewall was port forwards (virtual hosts, PAT, VIPs…whatever terminology your firewall/router appliance uses) to both of those service ports. I already had a server listening on port 443 so I did PAT from port 58654 to 443 for a little more security. DISCLAIMER: Yes that is a fake port and not the actual one I used.
So my first port forward listended externally on port 58654 and translated to port 443 internally which points to my ESXi host. The second port forward listended externally on port 902 and translated directly to port 902 internally which also points to my ESXi host.
Port 443 is required for the vSphere client external connection and 902 & 903 is a documented requirement for the virtual machine console connections. In my experience I only needed port 902 and the console connections to my VM’s worked fine.
Now you’ve got your port forwards configured it’s time to connect your client. Simply use <IP Adress>:<port> and Voila! I was connecting to an ESXi host, but I’m assumming this will work the same to vCenter.
We thought there’d be more people out there wanting to know How to Connect your vSphere Client Externally so that’s why this post was born. Of course there are much better ways to skin this cat, I prefer to always use some type of VPN and never expose my hosts externally like this, but for my quick fix it worked perfectly. I’ve now turned on remote access on my new VM’s and deleted these rules out of my firewall.
I always like a nice and easy fix you can find on the internet!